mySQL install: which password setting works with LC

Creating desktop or client-server database solutions?

Moderators: Klaus, FourthWorld, heatherlaine, kevinmiller, robinmiller

Post Reply
Thierry
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 772
Joined: Wed Nov 22, 2006 3:42 pm
Location: France
Contact:

mySQL install: which password setting works with LC

Post by Thierry » Sat May 09, 2020 2:51 pm

Hi all,

mySQL 8.0.20-community on MacOS Mojave.

During the installation,
they ask to choose between a strong or legacy encryption.


installMySql-8.png


Do the 2 options work with LC 9 ? if not, which one ?

Thanks

Thierry
Regex LiveCode sunnYrex
https://sunny-tdz.com

ghettocottage
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 343
Joined: Tue Apr 10, 2012 9:18 am

Re: mySQL install: which password setting works with LC

Post by ghettocottage » Sat May 09, 2020 7:06 pm

You might consider creating your root user with the strongest password settings you can. That user will have full global permissions. Then after you have your database(s) set up, create a secondary user. The secondary user will have minimal permissions only on the database it needs to work with.

Thierry
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 772
Joined: Wed Nov 22, 2006 3:42 pm
Location: France
Contact:

Re: mySQL install: which password setting works with LC

Post by Thierry » Sat May 09, 2020 7:29 pm

ghettocottage wrote:
Sat May 09, 2020 7:06 pm
You might consider creating your root user with the strongest password .....
Thanks for your answer, and yes, I'm aware of this.

My question was related to the settings during mySql server install:
about the new 2 passwords encryption option, you can read (see picture in the OP )
that some clients could be unable to connect to the database then...

Thus the question: what about LiveCode if I choose the 1st option?

This mySQL server on my Mac is only for development purpose,
so, really I don't care much about security,
except I was scared that I couldn't connect with LC...

Hope this clarify a bit my question...

Thierry
Regex LiveCode sunnYrex
https://sunny-tdz.com

AxWald
Posts: 435
Joined: Thu Mar 06, 2014 2:57 pm

Re: mySQL install: which password setting works with LC

Post by AxWald » Sun May 10, 2020 2:42 pm

Hi,

cannot do any tests (don't have local mySQLs & those remote ones I use are not to be fiddled with ...), but as I see it & read the docu there shouldn't be a problem as long as you only use passwords to connect, and not the "PASSWORD()" function:
https://dev.mysql.com/doc/refman/5.6/en/application-password-use.html wrote:If you [...] run the server under conditions where it generates long password hashes, an application using PASSWORD() for its own passwords breaks. The recommended course of action in such cases is to modify the application to use another function, such as SHA2(), SHA1(), or MD5(), to produce hashed values.
You get your password (and user name) from the database settings, throw it to the db during the revdb_connect, what could possibly go wrong? *) As far as I understand it's only the internal hashing & the "PASSWORD()" function that got updated.

Take this with a handful of salt - but the worst that could happen would be that you'd need to uninstall/ reinstall with "Legacy encryption", right?

Hope this helps, have fun!

*) From "Famous last words" ;-)
Livecode programming until the cat hits the fan ...

Thierry
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 772
Joined: Wed Nov 22, 2006 3:42 pm
Location: France
Contact:

Re: mySQL install: which password setting works with LC

Post by Thierry » Sun May 10, 2020 3:58 pm

Thanks a lot, AxWald.

I'll do my homework now :)

Thierry
Regex LiveCode sunnYrex
https://sunny-tdz.com

Post Reply

Return to “Databases”